Why does this happen? Different domains get the same port [ajax will have browser protection for ajax requests].
Common cross-domain request resolution methods:
1.Jsonp uses script tags to initiate get requests without cross-domain prohibition
2.window.name+iframe is implemented with the mediation property window.name
3. The postMessage of HTML 5 mainly focuses on front-end communication, data transfer between pages in different domains
Cors requires the server to set header: Access-Control-Allow-Origin
5. The Nginx reverse proxy may not require the cooperation of the target server, but requires the Nginx transit server for forwarding requests (there will be no cross-domain restrictions on resource requests between servers)
Focus on CORS:
The client does not need to make any other changes, just in line with the asynchronous requests sent under normal circumstances, or even the client does not need to know that the requested interface is cross-domain at all. What the server needs to do is to set the Access-Control-Allow-Origin response header while returning the response, which means "to allow the designated source ('*'for any source) to initiate cross-domain resource requests". Simply put: we send a request to tell the server to request a connection. If the server allows us to connect [the server can set a specified port release] and adds Access-Control-Allow-Origin to our response header, then we can connect to the server again and access resources.
package cn.qy.aishopping.config; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.filter.CorsFilter; @Configuration public class GlobalCorsConfig { @Bean public CorsFilter corsFilter() { //1. Add CORS configuration information CorsConfiguration config = new CorsConfiguration(); //1) Allowed fields, do not write *, otherwise cookie s will not be used config.addAllowedOrigin("http://127.0.0.1:8008"); config.addAllowedOrigin("http://localhost:8008"); //2) Whether to send Cookie information or not config.setAllowCredentials(true); //3) Permissible mode of request config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PATCH"); // 4) Permissible header information config.addAllowedHeader("*"); //2. Adding mapping paths, we intercept all requests UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource(); configSource.registerCorsConfiguration("/**", config); //3. Return to the new CorsFilter. return new CorsFilter(configSource); } }